package com.blogSystem.article.config;


import com.blogSystem.article.filter.JWTAuthorizationFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import util.JwtUtil;

import java.net.InetAddress;

/**
 * 安全配置类
 */


@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {


    @Autowired
    private JwtUtil jwtUtil;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        InetAddress addr = InetAddress.getLocalHost();
        System.out.println("Local HostAddress:"+addr.getHostAddress());


        http.authorizeRequests()
                .antMatchers("/article/**").permitAll()
                .antMatchers("/edit/deleteById").hasRole("USER")
          .antMatchers("/edit/update").hasRole("USER")
          .antMatchers("/edit/notpass").hasRole("ADMIN")
          .antMatchers("/user/changename").hasRole("USER")
          .antMatchers("/edit/not_reviewed").hasRole("ADMIN")
          .antMatchers("/edit/upload").hasRole("USER")
          .antMatchers("/edit/uploads").hasRole("USER")
          .antMatchers("/edit/readreview").hasRole("ADMIN")
          .antMatchers("/user/update").hasRole("USER")
          .antMatchers("/user/info/**").permitAll()
                //.antMatchers("/article/add").hasRole("USER")
                //.antMatchers("/article/add_type").hasIpAddress(addr.getHostAddress())
                /*.antMatchers("/super/**").hasRole("SUPER")
                .antMatchers("/user/changename").hasRole("USER")
                .antMatchers("/user/sendsms").permitAll()
                .antMatchers("/user/reister").permitAll()
                .antMatchers("/user/info/**").permitAll()
                .antMatchers("/user/sendsmschange").hasRole("USER")
                .antMatchers("/user/changepass").hasRole("USER")
                .antMatchers("/user/space").hasRole("USER")
                .antMatchers("/user/changeinfo").hasRole("USER")
                .antMatchers("/admin/**").hasRole("ADMIN")
*/

                .anyRequest().authenticated()//认证
                .and().csrf().disable()

                .addFilter(new JWTAuthorizationFilter(authenticationManager()))
        ;//关闭csrf拦截



    }

    @Bean
    CorsConfigurationSource corsConfigurationSource() {
        final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", new CorsConfiguration().applyPermitDefaultValues());
        return source;
    }
}
